CN111984554B - Data processing method and device - Google Patents

Data processing method and device Download PDF

Info

Publication number
CN111984554B
CN111984554B CN202010760876.1A CN202010760876A CN111984554B CN 111984554 B CN111984554 B CN 111984554B CN 202010760876 A CN202010760876 A CN 202010760876A CN 111984554 B CN111984554 B CN 111984554B
Authority
CN
China
Prior art keywords
data
physical disk
storing
metadata
determining
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010760876.1A
Other languages
Chinese (zh)
Other versions
CN111984554A (en
Inventor
刘浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd Chengdu Branch
Original Assignee
New H3C Technologies Co Ltd Chengdu Branch
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Technologies Co Ltd Chengdu Branch filed Critical New H3C Technologies Co Ltd Chengdu Branch
Priority to CN202010760876.1A priority Critical patent/CN111984554B/en
Publication of CN111984554A publication Critical patent/CN111984554A/en
Application granted granted Critical
Publication of CN111984554B publication Critical patent/CN111984554B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The present application relates to the field of data storage technologies, and in particular, to a data processing method and apparatus. The method comprises the following steps: determining a data encryption mode based on the security level of the data to be encrypted configured by the configuration file; if the data encryption mode is a first encryption mode, determining a first physical disk for storing metadata of the data to be encrypted, determining at least one designated position in the first physical disk for storing standard data, and writing the standard data into the at least one designated position respectively; and when a first data storage instruction is received, storing the metadata of the first data to other positions except the at least one designated position in the first physical disk, and storing the first data to other physical disks except the first physical disk.

Description

Data processing method and device
Technical Field
The present application relates to the field of data storage technologies, and in particular, to a data processing method and apparatus.
Background
With the development of technologies such as high-definition video, image processing, video monitoring, and the like, the data capacity of users is becoming larger and larger, and the requirements of users on the read-write performance of stored data are increasing synchronously. When a user purchases a storage product, the user usually puts forward a clear requirement on performance so as to meet the business requirement.
Furthermore, in some special fields, the security of data is also very important, that is, after the disk is stolen, it needs to be ensured that the data on the disk cannot be cracked, and that the data information of the client cannot be leaked.
At present, the mainstream local file system encryption scheme usually adopts encryption modules such as dmcrypt and the like to encrypt the disk data, and achieves the purpose of data encryption by performing format conversion on the data format written into the disk.
Taking the example of writing a file into a file system, the following current mainstream encryption process is introduced:
1) Writing a file A into a local file system by a client; 2) The local file system receives the request for writing in the file A, updates the metadata and the data and then sends a data updating request to the equipment management module; 3) The equipment management module sends an updating request to the data encryption module; 4) The data encryption module performs secondary packaging (encryption) on the data and writes the data into a physical disk.
At the moment, the data on the disk is encrypted in full, and when the data is read, the data needs to be analyzed by the data encryption module to obtain a format which can be identified by the local file system, and then the data is returned to the upper layer.
However, when the disk data is encrypted by the data encryption module, all data needs to be encrypted and decrypted, which may cause the time delay of reading and writing IO of the storage system to increase significantly, and performance to decrease significantly, which is unacceptable for a time-delay sensitive scene.
Disclosure of Invention
The application provides a data processing method and device, which are used for solving the problem that the performance of a storage system is poor due to the fact that full-amount encryption is carried out on data to be stored in the prior art.
In a first aspect, the present application provides a data processing method, including:
determining a data encryption mode based on the security level of the data to be encrypted configured by the configuration file;
if the data encryption mode is a first encryption mode, determining a first physical disk for storing metadata of the data to be encrypted, determining at least one designated position in the first physical disk for storing standard data, and writing the standard data into the at least one designated position respectively;
and when a first data storage instruction is received, storing the metadata of the first data to other positions except the at least one designated position in the first physical disk, and storing the first data to other physical disks except the first physical disk.
Optionally, the step of determining at least one designated location in the first physical disk for storing standard data includes:
acquiring the size of the first physical disk and a standard data writing rule;
and determining one or more designated positions for storing the standard data according to the size of the first physical disk and a standard data writing rule.
Optionally, the method further comprises:
if the data encryption mode is a second encryption mode, determining a second physical disk for storing the metadata of the data to be encrypted;
and when a second data storage instruction is received, encrypting and storing the metadata of the second data to the second physical disk, and storing the second data to other physical disks except the second physical disk.
Optionally, the step of determining a second physical disk for storing the metadata of the data to be encrypted includes:
and determining an LBA address range corresponding to a second physical disk for storing the metadata of the data to be encrypted.
Optionally, the step of storing the metadata of the second data to the second physical disk in an encrypted manner includes:
and after converting the data format of the metadata of the second data into a specified data format, storing the specified data format to the second physical disk.
In a second aspect, the present application provides a data processing apparatus, the apparatus comprising:
the first determining unit is used for determining a data encryption mode based on the security level of the data to be encrypted configured by the configuration file;
a second determining unit, configured to determine, if the first determining unit determines that the data encryption mode is the first encryption mode, a first physical disk used for storing metadata of the data to be encrypted, determine at least one designated location in the first physical disk used for storing standard data, and write the standard data into the at least one designated location respectively;
and the first processing unit is used for storing the metadata of the first data to other positions except the at least one designated position in the first physical disk and storing the first data to other physical disks except the first physical disk when receiving a first data storage instruction.
Optionally, when at least one specified location for storing standard data in the first physical disk is determined, the second determining unit is specifically configured to:
acquiring the size of the first physical disk and a standard data writing rule;
and determining one or more designated positions for storing the standard data according to the size of the first physical disk and a standard data writing rule.
Optionally, the apparatus further comprises a third determining unit and a second processing unit,
if the first determining unit determines that the data encryption mode is the second encryption mode, the third determining unit is configured to determine a second physical disk for storing metadata of the data to be encrypted;
and when receiving a second data storage instruction, the second processing unit encrypts and stores the metadata of the second data to the second physical disk, and stores the second data to other physical disks except the second physical disk.
Optionally, when the second physical disk used for storing the metadata of the data to be encrypted is determined, the third determining unit is specifically configured to:
and determining an LBA address range corresponding to a second physical disk for storing the metadata of the data to be encrypted.
Optionally, when the metadata of the second data is stored in the second physical disk in an encrypted manner, the second processing unit is specifically configured to:
and after the data format of the metadata of the second data is converted into a specified data format, storing the data format to the second physical disk.
In a third aspect, an embodiment of the present application provides a data processing apparatus, including:
a memory for storing program instructions;
a processor for calling program instructions stored in said memory and for executing the steps of the method according to any one of the above first aspects in accordance with the obtained program instructions.
In a fourth aspect, the present application further provides a computer-readable storage medium storing computer-executable instructions for causing a computer to perform the steps of the method according to any one of the above first aspects.
In summary, in the data processing method provided in the embodiment of the present application, a data encryption mode is determined based on the security level of the data to be encrypted configured by the configuration file; if the data encryption mode is a first encryption mode, determining a first physical disk for storing metadata of the data to be encrypted, determining at least one designated position in the first physical disk for storing standard data, and writing the standard data into the at least one designated position respectively; and when a first data storage instruction is received, storing the metadata of the first data to other positions except the at least one designated position in the first physical disk, and storing the first data to other physical disks except the first physical disk.
By adopting the data processing method provided by the embodiment of the application, the designated position for storing the standard data is divided on the physical disk for storing the metadata of the data, the metadata of the data is stored to other positions of the physical disk, the storage rule of the metadata is adjusted, and the metadata can not be analyzed reversely by the standard file storage system, so that the format conversion processing is not needed when the data is stored to other disks.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments of the present application or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings can be obtained by those skilled in the art according to the drawings of the embodiments of the present application.
Fig. 1 is a detailed flowchart of a data processing method according to an embodiment of the present application;
fig. 2 is a schematic diagram illustrating standard data written in a plurality of designated locations of a physical disk according to an embodiment of the present application;
fig. 3 is a detailed flowchart of another data processing method provided in the embodiment of the present application;
fig. 4 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of another data processing apparatus according to an embodiment of the present application.
Detailed Description
The terminology used in the embodiments of the present application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein is meant to encompass any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in the embodiments of the present application to describe various information, the information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. Depending on the context, moreover, the word "if" used may be interpreted as "at \8230; \8230when" or "when 8230; \823030when" or "in response to a determination".
Illustratively, referring to fig. 1, a detailed flowchart of a data processing method provided in an embodiment of the present application includes the following steps:
step 100: and determining a data encryption mode based on the security level of the data to be encrypted configured by the configuration file.
In practical applications, a user/administrator may set a security level (a corresponding data encryption mode) and select a subsequent security level (a corresponding data encryption mode) according to a current application scenario and/or a service requirement.
In the embodiment of the present application, the ordinary encryption means that standard data (e.g., magic numbers) is written in according to a preset rule in an address range of a Logical Block Addressing (LBA) mode corresponding to a disk for storing metadata, so that the metadata is not written in a magic number space when metadata space management is performed, and since the magic number space does not cause disk fragmentation, there is no influence on the performance of the disk, and a disk encryption effect is achieved (the magic numbers change a metadata disk area and cannot be resolved in the reverse direction according to a standard file storage system).
That is to say, in the embodiment of the present application, the effect of indirectly encrypting the metadata is achieved by disturbing the storage rule (metadata disk distribution information) of the metadata, and the implementation of encrypting the data corresponding to the metadata is achieved by indirectly encrypting the metadata.
Step 110: if the data encryption mode is a first encryption mode, determining a first physical disk for storing metadata of the data to be encrypted, determining at least one designated position in the first physical disk for storing standard data, and writing the standard data into the at least one designated position respectively.
In the embodiment of the present application, when at least one designated location for storing standard data in the first physical disk is determined, a preferred implementation manner is to obtain the size of the first physical disk and a standard data writing rule; and determining one or more designated positions for storing the standard data according to the size of the first physical disk and a standard data writing rule.
In practical application, when the data encryption mode is determined to be common encryption, a physical disk for storing metadata of data to be encrypted is determined; then, at least one designated area for writing the magic numbers is determined in the physical disk, and it should be noted that, because the magic numbers are fixed, the sizes of the designated areas are also fixed; finally, the magic numbers are written into each designated area.
For example, referring to fig. 2, a schematic diagram of writing standard data to a plurality of designated locations of a physical disk according to an embodiment of the present application is provided. Preferably, one standard data is written at regular intervals, wherein, as shown in fig. 2, one standard data is written in each 1G or 10G of the physical disk, and preferably, the standard data is 0xabcdef, which occupies 1 sector of the physical disk.
In practical application, the physical disks are all at TB level, so that a plurality of designated positions for storing standard data are arranged on one physical disk, the continuity of the physical disk is not influenced, and the problem that sequential reading becomes random reading is avoided.
Of course, the standard data writing rule may also be other rules, and in the embodiment of the present application, no specific limitation is made herein. For example, the interval between the first designated position and the second designated position is x G, the interval between the second designated position and the third designated position is 2x G, and the interval between the third designated position and the fourth designated position is 3x G, and the above-mentioned rules are repeated, for example, the interval between the fourth designated position and the fifth designated position is x G, the interval between the fifth designated position and the sixth designated position is 2x G, and the interval between the sixth designated position and the seventh designated position is 3x G.
Step 120: and when a first data storage instruction is received, storing the metadata of the first data to other positions except the at least one designated position in the first physical disk, and storing the first data to other physical disks except the first physical disk.
In the embodiment of the present application, a plurality of designated locations are partitioned from a physical disk, which is used for storing metadata, in a file storage system, and are used for storing standard data (magic numbers), so that when the file storage system receives a first data storage instruction sent by a client, the file storage system can store the metadata of the first data in the physical disk, and because the plurality of designated locations in the physical disk have stored the standard data, the metadata of the data to be stored by the client can only be stored in other locations of the physical disk except the plurality of designated locations, and further, the data itself is stored in other physical disks used for storing data.
Illustratively, referring to fig. 3, a detailed flowchart of another data processing method provided in the embodiments of the present application is shown, where the method includes the following steps:
step 300: and determining a data encryption mode based on the security level of the data to be encrypted configured by the configuration file.
Step 310: and if the data encryption mode is a second encryption mode, determining a second physical disk for storing the metadata of the data to be encrypted.
In the embodiment of the present application, the data encryption mode may further include a second encryption mode (metadata full encryption).
In this embodiment of the present application, the term "metadata full encryption" refers to separating data from corresponding metadata, optimizing an encryption module, dividing according to disk LBA addresses, encrypting the LBA addresses of a disk for storing the metadata, and not encrypting the LBA addresses of the disk for storing the data. The scheme not only ensures the encryption of the whole amount of metadata, but also ensures the performance of the data area (a large amount of disk data read-write occurs in the data area).
Specifically, in the embodiment of the present application, when a second physical disk used for storing the metadata of the data to be encrypted is determined, a preferred implementation manner is that an LBA address range corresponding to the second physical disk used for storing the metadata of the data to be encrypted is determined.
Step 320: and when a second data storage instruction is received, encrypting and storing the metadata of the second data to the second physical disk, and storing the second data to other physical disks except the second physical disk.
Specifically, in the embodiment of the present application, when the metadata of the second data is stored in the second physical disk in an encrypted manner, a preferable implementation manner is that the data format of the metadata of the second data is converted into a specified data format, and then the converted data format is stored in the second physical disk.
Specifically, the metadata full-scale encryption process may include: 1) The equipment management module identifies the LBA address range of the disk where the metadata is located; 2) The equipment management module transmits the LBA address range of the metadata to the encryption module; 3) The encryption module encrypts an LBA address range where the metadata is located, and the writing of the disk in the LBA address range can be subjected to format conversion (similarly, reverse data format analysis is required when the metadata is read); 4) The metadata is written to disk.
Based on the same inventive concept as the method embodiment described above, for example, referring to fig. 4, a schematic structural diagram of a data processing apparatus provided in the embodiment of the present application is shown, where the data processing apparatus includes:
a first determining unit 40, configured to determine a data encryption mode based on a security level of data to be encrypted configured by a configuration file;
a second determining unit 41, if the first determining unit 40 determines that the data encryption mode is the first encryption mode, the second determining unit 41 is configured to determine a first physical disk for storing metadata of the data to be encrypted, determine at least one designated location in the first physical disk for storing standard data, and write the standard data into the at least one designated location, respectively;
and the first processing unit 42 is configured to, when receiving a first data storage instruction, store the metadata of the first data to a location other than the at least one specified location in the first physical disk, and store the first data to a physical disk other than the first physical disk.
Optionally, when determining at least one designated location in the first physical disk for storing standard data, the second determining unit 41 is specifically configured to:
acquiring the size of the first physical disk and a standard data writing rule;
and determining one or more designated positions for storing the standard data according to the size of the first physical disk and a standard data writing rule.
Optionally, the apparatus further comprises a third determining unit and a second processing unit,
if the first determining unit determines that the data encryption mode is the second encryption mode, the third determining unit is configured to determine a second physical disk for storing metadata of the data to be encrypted;
and when receiving a second data storage instruction, the second processing unit encrypts and stores the metadata of the second data to the second physical disk, and stores the second data to other physical disks except the second physical disk.
Optionally, when the second physical disk for storing the metadata of the data to be encrypted is determined, the third determining unit is specifically configured to:
and determining an LBA address range corresponding to a second physical disk for storing the metadata of the data to be encrypted.
Optionally, when the metadata of the second data is encrypted and stored in the second physical disk, the second processing unit is specifically configured to:
and after converting the data format of the metadata of the second data into a specified data format, storing the specified data format to the second physical disk.
The above units may be one or more integrated circuits configured to implement the above methods, for example: one or more Application Specific Integrated Circuits (ASICs), or one or more microprocessors (DSPs), or one or more Field Programmable Gate Arrays (FPGAs), among others. For another example, when one of the above units is implemented in the form of a Processing element scheduler code, the Processing element may be a general-purpose processor, such as a Central Processing Unit (CPU) or other processor capable of calling program code. As another example, these units may be integrated together and implemented in the form of a system-on-a-chip (SOC).
In summary, in the data processing method provided in the embodiment of the present application, a data encryption mode is determined based on the security level of the data to be encrypted configured by the configuration file; if the data encryption mode is a first encryption mode, determining a first physical disk for storing metadata of the data to be encrypted, determining at least one designated position in the first physical disk for storing standard data, and writing the standard data into the at least one designated position respectively; and when a first data storage instruction is received, storing the metadata of the first data to other positions except the at least one designated position in the first physical disk, and storing the first data to other physical disks except the first physical disk.
By adopting the data processing method provided by the embodiment of the application, the designated position for storing the standard data is divided on the physical disk for storing the metadata of the data, the metadata of the data is stored in other positions of the physical disk, the storage rule of the metadata is adjusted, and the metadata can not be analyzed reversely by the standard file storage system, so that the format conversion processing is not needed when the data is stored in other disks.
Further, in the data processing apparatus provided in the embodiment of the present application, from a hardware aspect, a schematic diagram of a hardware architecture of the data processing apparatus may be shown in fig. 5, where the data processing apparatus may include: a memory 50 and a processor 51, which,
the memory 50 is used for storing program instructions; the processor 51 calls the program instructions stored in the memory 50 and executes the above-described method embodiments according to the obtained program instructions. The specific implementation and technical effects are similar, and are not described herein again.
Optionally, the present application also provides a data processing apparatus, which includes at least one processing element (or chip) for executing the above method embodiments.
Optionally, the present application also provides a program product, such as a computer-readable storage medium, having stored thereon computer-executable instructions for causing the computer to perform the above-described method embodiments.
Here, a machine-readable storage medium may be any electronic, magnetic, optical, or other physical storage device that can contain or store information such as executable instructions, data, and the like. For example, the machine-readable storage medium may be: a RAM (random Access Memory), a volatile Memory, a non-volatile Memory, a flash Memory, a storage drive (e.g., a hard drive), a solid state drive, any type of storage disk (e.g., an optical disk, a dvd, etc.), or similar storage medium, or a combination thereof.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may be in the form of a personal computer, laptop, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Furthermore, these computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present application and should not be taken as limiting the present application, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present application should be included in the protection scope of the present application.

Claims (8)

1. A method of data processing, the method comprising:
determining a data encryption mode based on the security level of the data to be encrypted configured by the configuration file;
if the data encryption mode is a first encryption mode, determining a first physical disk for storing metadata of the data to be encrypted, determining at least one designated position in the first physical disk for storing standard data, and writing the standard data into the at least one designated position respectively;
when a first data storage instruction is received, storing the metadata of the first data to other positions except the at least one designated position in the first physical disk, and storing the first data to other physical disks except the first physical disk;
the step of determining at least one designated location for storing standard data in the first physical disk comprises:
acquiring the size of the first physical disk and a standard data writing rule;
and determining one or more designated positions for storing the standard data according to the size of the first physical disk and a standard data writing rule.
2. The method of claim 1, wherein the method further comprises:
if the data encryption mode is a second encryption mode, determining a second physical disk for storing the metadata of the data to be encrypted;
and when a second data storage instruction is received, encrypting and storing the metadata of the second data to the second physical disk, and storing the second data to other physical disks except the second physical disk.
3. The method of claim 2, wherein the step of determining a second physical disk for storing metadata for the data to be encrypted comprises:
and determining the LBA address range corresponding to the second physical disk used for storing the metadata of the data to be encrypted.
4. The method of claim 3, wherein the step of storing the metadata for the second data to the second physical disk in an encrypted manner comprises:
and after converting the data format of the metadata of the second data into a specified data format, storing the specified data format to the second physical disk.
5. A data processing apparatus, characterized in that the apparatus comprises:
the first determining unit is used for determining a data encryption mode based on the security level of the data to be encrypted configured by the configuration file;
a second determining unit, configured to determine a first physical disk used for storing metadata of the data to be encrypted, determine at least one designated location in the first physical disk used for storing standard data, and write the standard data into the at least one designated location, if the first determining unit determines that the data encryption mode is the first encryption mode;
the first processing unit is used for storing metadata of the first data to other positions except the at least one designated position in the first physical disk and storing the first data to other physical disks except the first physical disk when receiving a first data storage instruction;
when the at least one designated location for storing the standard data in the first physical disk is determined, the second determining unit is specifically configured to:
acquiring the size of the first physical disk and a standard data writing rule;
and determining one or more designated positions for storing the standard data according to the size of the first physical disk and a standard data writing rule.
6. The apparatus of claim 5, further comprising a third determination unit and a second processing unit,
if the first determining unit determines that the data encryption mode is the second encryption mode, the third determining unit is configured to determine a second physical disk for storing metadata of the data to be encrypted;
and when receiving a second data storage instruction, the second processing unit encrypts and stores the metadata of the second data to the second physical disk, and stores the second data to other physical disks except the second physical disk.
7. The apparatus according to claim 6, wherein when the second physical disk for storing the metadata of the data to be encrypted is determined, the third determining unit is specifically configured to:
and determining an LBA address range corresponding to a second physical disk for storing the metadata of the data to be encrypted.
8. The apparatus according to claim 7, wherein when the metadata of the second data is stored in the second physical disk in an encrypted manner, the second processing unit is specifically configured to:
and after the data format of the metadata of the second data is converted into a specified data format, storing the data format to the second physical disk.
CN202010760876.1A 2020-07-31 2020-07-31 Data processing method and device Active CN111984554B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010760876.1A CN111984554B (en) 2020-07-31 2020-07-31 Data processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010760876.1A CN111984554B (en) 2020-07-31 2020-07-31 Data processing method and device

Publications (2)

Publication Number Publication Date
CN111984554A CN111984554A (en) 2020-11-24
CN111984554B true CN111984554B (en) 2023-03-28

Family

ID=73444930

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010760876.1A Active CN111984554B (en) 2020-07-31 2020-07-31 Data processing method and device

Country Status (1)

Country Link
CN (1) CN111984554B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103020537A (en) * 2011-09-22 2013-04-03 腾讯科技(深圳)有限公司 Data encrypting method, data encrypting device, data deciphering method and data deciphering device
WO2019206106A1 (en) * 2018-04-23 2019-10-31 Zhejiang Dahua Technology Co., Ltd. Systems and methods for storing data in ssd

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8140865B2 (en) * 2009-02-06 2012-03-20 International Business Machines Corporation Pre-configuring of encryption bands on a disk for use in a plurality of array configurations
CN103069380B (en) * 2012-04-27 2014-11-05 华为技术有限公司 Memory control device, data archiving memory system and data access method
US9152642B2 (en) * 2012-12-21 2015-10-06 Zetta, Inc. Systems and methods for on-demand data storage
US11132328B2 (en) * 2013-12-20 2021-09-28 Rambus, Inc. High level instructions with lower-level assembly code style primitives within a memory appliance for accessing memory
CN104391652A (en) * 2014-10-20 2015-03-04 北京兆易创新科技股份有限公司 Wear leveling method and device of hard disk
US10452290B2 (en) * 2016-12-19 2019-10-22 Pure Storage, Inc. Block consolidation in a direct-mapped flash storage system
US10691340B2 (en) * 2017-06-20 2020-06-23 Samsung Electronics Co., Ltd. Deduplication of objects by fundamental data identification
CN109614045B (en) * 2018-12-06 2022-04-15 广东浪潮大数据研究有限公司 Metadata dropping method and device and related equipment
CN111381779B (en) * 2020-03-05 2024-02-23 深信服科技股份有限公司 Data processing method, device, equipment and storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103020537A (en) * 2011-09-22 2013-04-03 腾讯科技(深圳)有限公司 Data encrypting method, data encrypting device, data deciphering method and data deciphering device
WO2019206106A1 (en) * 2018-04-23 2019-10-31 Zhejiang Dahua Technology Co., Ltd. Systems and methods for storing data in ssd

Also Published As

Publication number Publication date
CN111984554A (en) 2020-11-24

Similar Documents

Publication Publication Date Title
US10089191B2 (en) Selectively persisting application program data from system memory to non-volatile data storage
US10204235B2 (en) Content item encryption on mobile devices
US8261098B2 (en) Method and apparatus for encrypting and processing data in flash translation layer
CN112783831B (en) File migration method and device
JP4941556B2 (en) ENCRYPTION DEVICE, ENCRYPTION METHOD, AND ENCRYPTION PROGRAM
CN112181902B (en) Database storage method and device and electronic equipment
US10216645B2 (en) Memory data transfer method and system
CN103473266A (en) Solid state disk and method for deleting repeating data thereof
CN110263505A (en) Image processing method and device based on block chain
US9411513B2 (en) Sensitive data file attribute
CN112256460B (en) Inter-process communication method, inter-process communication device, electronic equipment and computer readable storage medium
WO2016112137A1 (en) Method and apparatus for processing transactions
CN114721594A (en) Distributed storage method, device, equipment and machine readable storage medium
US9037792B1 (en) Systems and methods for providing caching for applications with solid-state storage devices
CN111984554B (en) Data processing method and device
CN102750213A (en) Disc detecting and processing method and detecting and processing system
CN114924911B (en) Method, device, equipment and storage medium for backing up effective data of Windows operating system
CN112800057B (en) Fingerprint table management method and device
CN112256206B (en) IO processing method and device
US20200285751A1 (en) Information processing device, method for controlling information processing device, and program
WO2016095451A1 (en) Method and apparatus for improving memory access efficiency, and storage medium
WO2019183849A1 (en) Data processing method and device
CN113253925B (en) Method and device for optimizing read-write performance
CN115437574A (en) Storage cluster management method, device, equipment and machine-readable storage medium
CN117742586A (en) Data storage method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant